Summary : This talk will briefly introduce the the iPhone security architecture. It will then demonstrate how to perform automated fuzzing on the device including SMS fuzzing. It will then demonstrate some payloads for the iPhone. iPhone payloads are complicated by the fact that on factory phones, no pages can be made executable. Therefore, the payloads consist of long chains of return-to-libc.